A look back at 12 years of Mac malware

Posted on January 1st, 2013 at 10:32 PM EDT

It has been 12 years since the advent of Mac OS X. There had been some malware for older Mac systems before that point, but none of those worked on Mac OS X. This “reset the clock” on the Mac with respect to malware. Further, the new Unix base of Mac OS X promised greater security than older versions of the Mac OS. So how has that promise stacked up at this point? Read the rest of this entry »

9 Comments

News Favorites

Posted on June 18th, 2012 at 12:04 PM EDT

Below are some of the news articles that have the most long-term interest.  Many of these have gotten somewhat lost in the archives of my blog at this point, so I have summarized them here.  I will be adding more to this page over time.

Security

• What is Gatekeeper?
• Beware of fake tech support
• Java is vulnerable… Again?!
• Mac anti-virus testing, part 2
• Mac anti-virus detection rates
• Eliminating browser redirects and advertisements
• About the Flashback malware
• Do I need a firewall?
• MacDefender information

Troubleshooting

• The myth of the dirty Mac
• Recovering deleted files
• Understanding upgrade nightmares
• Missing disk space in Lion

How-to

• How to reinstall Mac OS X from scratch
• How to prepare your Mac for sale
• Hiding GMail’s “All Mail” from Apple Mail
• Scheduling recurring tasks
• Using Java in Mac OS X

Leave a comment

Mac Malware Guide : Am I infected?

Posted on June 17th, 2012 at 9:29 PM EDT

I hear this question all the time these days, and find myself often typing the same things over and over again. This FAQ, which is part of my Macintosh Malware Guide, will help you determine whether or not you should be worried. Note that it is written on the assumption that you have read the Macintosh Malware Guide first. Read the rest of this entry »

Leave a comment

Mac Malware Guide : Do I need anti-virus software?

Posted on June 17th, 2012 at 8:38 PM EDT

There is no simple yes or no answer to this question. The answer will depend on many factors, the biggest of which is your own opinion on security. However, I do have some recommendations. Before we get to those, we need to examine some basic facts about anti-virus (AV) software. Read the rest of this entry »

Leave a comment

New Mac malware abounds

Posted on April 25th, 2012 at 12:27 PM EDT

Several new malware programs have appeared for the Mac in the last week or so, bringing the grand total of new Mac malware in the first four months of 2012 to 5, compared to 6 for all of 2011.*  This increase in Mac malware is a concerning trend, and is making for lots of juicy news stories in the media.  But how much do Mac users really need to worry about this?  That’s a hard question to answer, since every individual will have a different threshold for worry, but let’s start with some facts. Read the rest of this entry »

8 Comments

About the Flashback malware

Posted on April 7th, 2012 at 2:37 PM EDT

What is Flashback?

Flashback first appeared back in September of 2011, as a simple trojan.  It would be downloaded from web sites that displayed a warning that your Adobe Flash player had crashed and needed to be updated.  Of course, the “update” would actually be malware, which would install some code that would be inserted into applications like Safari, with the purpose of sniffing out data you transmit, such as credit card numbers or financial site passwords.  It wasn’t to big a threat to the wary web surfer, though…  especially English-speaking folks, who would be tipped off immediately by text like “Update fix a crush of Adobe Flash player.” Read the rest of this entry »

Leave a comment

More new tricks from Flashback

Posted on March 7th, 2012 at 1:59 PM EDT

Intego has announced the discovery of yet another variant of Flashback.  The new variant, called Flashback.N, is based on the previous Flashback.G, and it also uses Java to get its dirty work done.  Worse, Intego now claims that Flashback is made by the same people who were behind the MacDefender malware last year! Read the rest of this entry »

1 Comment

Beware iAntivirus!

Posted on February 3rd, 2012 at 7:56 AM EDT

I have always had a problem with iAntivirus’ published threat list, which mostly includes hacker tools and antique viruses that cannot affect any system made this century. I’ve always found that to be misleading. However, iAntivirus has come back to my attention after years of not thinking about it, and what I see now concerns me greatly. I believe that, at this point, it may actually be dangerous to rely on iAntivirus!

Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Flashback still slipping past AV software

Posted on October 8th, 2011 at 7:33 AM EDT

A colleague sent me a link to a new copy of Flashback.A this morning.  I have visited the site and downloaded the malware.  What I found was both comforting and concerning. Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

A new Flash Player trojan

Posted on September 26th, 2011 at 2:34 PM EDT

Earlier today, Intego announced their discovery of a new Flash Player trojan, which they have named OSX/flashback.A.  Earlier this summer, another Flash Player trojan (BASH/QHost.WB) was announced by F-Secure, masquerading (as this one does) as a Flash Player installer.  However, unlike the last trojan, which never really worked, this new trojan is functional (though different)! Read the rest of this entry »

2 Comments